package cn.lijiajia3515.cairo.starter.autoconfigure.security;

import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;

/**
 * security 异常兜底 不处理异常 由 AuthenticationFailedHandler, AuthenticationEntryPoint, AuthenticationAccessDeniedHandler 处理
 */
@Slf4j(topic = "[SecurityExceptionHandler]")
@ControllerAdvice(annotations = Controller.class)
@Configuration
@Order(200)
public class SecurityExceptionHandlerConfiguration {

	@ExceptionHandler(value = {AccessDeniedException.class, AuthenticationException.class})
	public ModelAndView exception(AccessDeniedException ex, @AuthenticationPrincipal Object principal, HttpServletRequest request) {
		throw ex;
	}
}
